-
Virginia welcomes cybersecurity start-ups to a state-backed business accelerator
Earlier this week, MACH37, a business accelerator for cybersecurity start-ups in Virginia, welcomed a new group of companies one year after it was launched to help establish the state as a hub for cybersecurity firms. The three-month program, funded with state money, offers a $50,000 investment and access to a network of mentors to companies that can turn their ideas into viable businesses.
-
-
Who is to blame when iCloud is "hacked" – you or Apple?
A hacker’s release of personal photos of actress Jennifer Lawrence and other female celebrities on the Internet on the weekend has again drawn our attention to the security of our personal information online. Apple may wish to absolve itself of responsibility when individuals lose control of their personal data, yet understanding the control of data as a personal matter disregards how iCloud and similar services actually operate. If Apple and other cloud-based services want our trust, then they have to acknowledge the role their products play in perpetuating anxieties of data-out-of-control.
-
-
Social networks aim to curb terror posts
Social media platforms such as Facebook, YouTube, Twitter, and Instagram have all become a staple of everyday Western lifestyles – and these avenues have also become more interesting for terrorists to exploit to advance their goals. These companies admit, however, that curbing free speech and screening violent and hateful content does involve walking a fine line.
-
-
Deterring cyberattacks requires building a public-private partnership
Cyberattacks loom as an increasingly dire threat to privacy, national security, and the global economy, and the best way to blunt their impact may be a public-private partnership between government and business, researchers say. The time to act is now, however, rather than in the wake of a crisis, says an expert in law and technology. The expert says that an information-sharing framework is necessary to combat cybersecurity threats.
-
-
ISIS cleverly exploits social media for recruiting, communicating, and instilling fear
Islamist militants have adopted social media as their primary medium for communicating with the public. Terrorism experts and social media analysts agree that in recent weeks IS has demonstrated a mastery of social media that far exceeds that of al-Qaeda. That use of social media is partly due to the participation of young Western-educated recruits who join IS.
-
-
Major weakness discovered in Android, Windows, and iOS
Researchers have identified a weakness believed to exist in Android, Windows, and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone. The researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested.
-
-
Social media grappling with problems posed by terrorists-supporting contents
Terrorist organizations have adopted social media as a tool for spreading propaganda and recruiting new members. Social media allow terrorist groups to interact with an audience and spread their message to a broader base. Legal scholars warn that as social media networks become the modern space for public discourse, they must be careful about publishing certain content because they could come under legal scrutiny for materially supporting terrorist organizations.
-
-
Maryland creates fund to support cybersecurity startups
The Maryland Technology Development Corporation, (TEDCO) an independent public organization founded by the Maryland General Assemblyand funded by the state, has created a $1 million fund to invest in startups developing new cybersecurity technologies.
-
-
New framework facilitates use of new Android security modules
Computer security researchers have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Android Security Modules (ASM) framework aims to eliminate the bottleneck that prevents developers and users from taking advantage of new security tools.
-
-
Winners announced in U.S. Cyber Challenge Western regional competition
Angela Rey, Lee Christensen, and Vincent Venem were on the winning team for the 2014 U.S. Cyber Challenge (USCC) Western Regional “Capture the Flag” competition. The seventy participants were selected based in part on their scores from Cyber Quests, an online competition offered through the USCC in April that drew more than 1,600 participants from almost 700 schools nationwide.
-
-
Energy companies slow to buy cyberdamage insurance
The U.S. oil industry will spend $1.87 billion on cybersecurity defense systems by 2018, but less than 20 percent of U.S. companies overall are covered for cyberdamages. “Imagine what could happen if a large refinery or petrochemical facility’s safety monitoring systems were hijacked near an urban area, or a subsea control module was no longer able to be controlled by the people who should be controlling it,” says one expert. “As we’ve all seen from Deepwater Horizon [the 2010 BP Gulf oil spill] those risks and damages can be astronomical. It requires an immediate response.”
-
-
Financial firms go beyond NIST's cybersecurity framework
The National Institute of Standards and Technology(NIST) released its Framework for Improving Critical Infrastructure Cybersecurityin February 2014. Utilities, banks, and other critical industries welcomed the guidelines, but many considered the framework to be a baseline for what was needed to continuously protect their networks from cyberattacks. Some financial firms have developed industry-based cyber policies through association such as the Financial Services Information Sharing and Analysis Center’s (FS-ISAC) Third Party Software Security Working Group. The group has been reviewing cyber policies since 2012, before the NIST guidelines were finalized.
-
-
All-industry cybersecurity association needed: Experts
A new report is calling for a professional association committed to serving the cybersecurity industry. Theacknowledged the shortage of qualified cybersecurity professionals, as well as the difficulty of recruiting, training, and hiring potential candidates.Experts say that a cybersecurity association could help assess the needs of employers seeking cybersecurity professionals, establish ongoing training and development programs, and also help develop cybersecurity standards across all industries.
-
-
Program aiming to facilitate cyberthreat information sharing is slow to take off
President Barack Obama’s 2013 executive orderto improve critical infrastructure cybersecurity allows DHS to expand an information-sharing program, once restricted to Pentagoncontractors, to sixteencritical infrastructure industries. The Enhanced Cybersecurity Servicesprogram transmits cyber threat indicators to selected companies so they may prepare their network protection systems to scan for those indicators. A DHS inspector general (IG) reportreleased on Monday has found that just about forty companies from three of the sixteen industries — energy, communications services, and defense — are part of the program. Moreover, only two ISPs are authorized to receive the indicators.
-
-
Two major security vulnerabilities found in majority of world’s smartphones
Researchers have uncovered two major vulnerabilities in smart phones from manufacturers including Apple, Google Android, and Blackberry, among others. These flaws could put up to 90 percent of the world’s two billion smartphones at risk for stolen data, password theft, and the potential for hackers even to take control of the device.
-
More headlines
The long view
Our Online World Relies on Encryption. What Happens If It Fails?
By Maureen Stanton
Quantum computers will make traditional data encryption techniques obsolete; BU researchers have turned to physics to come up with better defenses.